Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/P1LcU_BBIAvp5zvXWkRRcvnWUsA.roa
File: P1LcU_BBIAvp5zvXWkRRcvnWUsA.roa (raw, json)
Hash identifier: oLg9faF7kZ2kY6xfFyMSBqxuYoBq8k7Ov/yQT2+Etw0=
Subject key identifier: 3F:52:DC:53:F0:41:20:0B:E9:E7:3B:D7:5A:44:51:72:F9:D6:52:C0
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 01843EEDB111431A3C064083054DA7EC871E
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/P1LcU_BBIAvp5zvXWkRRcvnWUsA.roa
Signing time: Thu 03 Nov 2022 19:17:55 +0000
ROA not before: Thu 03 Nov 2022 19:17:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12365
IP address blocks: 185.78.136.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
81.95.224.0/20 maxlen: 20
82.215.116.0/22 maxlen: 22
89.146.100.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
82.215.68.0/23 maxlen: 23
82.215.66.0/23 maxlen: 23
89.146.64.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
89.146.68.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
82.215.80.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
82.215.88.0/21 maxlen: 21
82.215.88.0/22 maxlen: 22
82.215.86.0/23 maxlen: 23
89.146.72.0/22 maxlen: 22
2a00:8841::/32 maxlen: 32
2a00:8840::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:ed:b1:11:43:1a:3c:06:40:83:05:4d:a7:ec:87:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Nov 3 19:17:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f52dc53f041200be9e73bd75a445172f9d652c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:91:19:02:64:ae:cc:0a:96:60:f7:7f:c3:2c:
be:4a:5f:31:57:46:5f:55:4a:ad:c3:72:40:f9:c2:
32:6d:c4:99:82:3b:26:92:07:38:9e:c7:e4:a8:32:
a5:02:50:d2:f2:b5:12:28:2d:d2:34:bb:e2:19:fe:
ff:6a:e7:41:65:a0:a9:61:e7:31:9d:e2:66:4a:24:
cb:a1:e4:ad:08:bf:33:88:07:b6:c4:1b:28:b0:eb:
e7:80:08:de:71:19:6d:81:1d:bc:b1:21:aa:5b:b7:
29:61:f8:45:05:db:24:5d:18:8b:c4:53:5d:b6:e6:
de:c8:da:94:b0:a1:f4:87:c1:e7:bd:77:9c:c8:75:
97:37:23:9e:7c:60:ed:fa:58:9b:53:a4:86:78:07:
9c:dd:3a:ca:b8:e9:c3:b1:ab:f8:2a:3f:d0:65:4a:
53:6f:3f:b9:03:20:c8:92:07:db:cc:1c:a7:58:27:
35:fa:ae:99:c4:a7:69:58:96:f2:73:bd:cc:d4:9b:
7a:21:a6:f9:1b:be:e4:cb:9f:41:a6:e7:60:4a:92:
f9:e5:03:87:63:4b:71:c4:d9:05:13:82:fb:7b:b2:
00:e0:26:04:b5:21:57:57:fd:47:1c:11:51:d2:f0:
e1:15:ca:f8:af:11:a1:5c:ce:5d:22:8d:53:20:b0:
24:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:52:DC:53:F0:41:20:0B:E9:E7:3B:D7:5A:44:51:72:F9:D6:52:C0
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/P1LcU_BBIAvp5zvXWkRRcvnWUsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
95:e1:a2:04:d7:f4:2a:50:f7:30:e8:10:54:51:44:b9:7e:11:
a4:a0:2e:44:6c:09:a1:ec:39:77:4e:40:b9:bb:3a:cc:49:22:
d5:79:5b:b3:ba:42:b8:fe:6e:54:a0:05:b1:27:cf:24:e0:44:
44:7e:8c:52:51:d3:75:0c:9f:8a:67:07:46:d5:e3:1f:94:42:
d7:25:33:94:47:4a:30:c6:97:e3:7b:39:a4:cd:26:4e:4e:22:
da:53:4c:3b:ce:f1:ed:d7:8f:46:07:32:21:c9:8c:8b:97:78:
dc:72:2f:e7:f0:d9:dc:d5:0c:09:ee:a4:05:47:45:7b:1a:cc:
6c:0f:29:2d:3e:8b:55:14:5a:24:ef:92:f4:8e:fb:bc:42:65:
45:9d:56:60:b1:42:95:14:3f:15:1a:bf:64:61:18:cb:61:fb:
58:24:76:52:c4:d0:cd:90:0e:b2:b3:02:9c:33:48:bf:53:c4:
64:a1:cd:53:77:52:bb:c3:d1:6d:0f:b5:2a:83:e9:73:77:bf:
45:57:43:2b:29:eb:7c:30:d8:52:6f:f3:1f:ff:86:b5:02:a3:
1f:96:ac:a9:be:87:25:1c:57:0a:d5:3e:f0:38:33:fe:d2:2e:
77:e0:d4:a0:d3:9d:d3:f2:a5:53:85:a4:4c:dd:05:da:76:0e:
c9:14:0f:dc
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYQ+7bERQxo8BkCDBU2n7IceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGNjYTg5OWVmNWJmNDIzN2YwZjZiZGQxNzc5MjIxYjIw
MDUyZjMwHhcNMjIxMTAzMTkxNzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUyZGM1M2YwNDEyMDBiZTllNzNiZDc1YTQ0NTE3MmY5ZDY1MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5EZAmSuzAqWYPd/wyy+Sl8xV0Zf
VUqtw3JA+cIybcSZgjsmkgc4nsfkqDKlAlDS8rUSKC3SNLviGf7/audBZaCpYecx
neJmSiTLoeStCL8ziAe2xBsosOvngAjecRltgR28sSGqW7cpYfhFBdskXRiLxFNd
tubeyNqUsKH0h8HnvXecyHWXNyOefGDt+libU6SGeAec3TrKuOnDsav4Kj/QZUpT
bz+5AyDIkgfbzBynWCc1+q6ZxKdpWJbyc73M1Jt6Iab5G77ky59BpudgSpL55QOH
Y0txxNkFE4L7e7IA4CYEtSFXV/1HHBFR0vDhFcr4rxGhXM5dIo1TILAkXwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFD9S3FPwQSAL6ec711pEUXL51lLAMB8GA1UdIwQY
MBaAFFdMyome9b9CN/D2vdF3kiGyAFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODIt
ZWUxMTI2YTI4MTk1LzEvUDFMY1VfQkJJQXZwNXp2WFdrUlJjdm5XVXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODItZWUxMTI2YTI4MTk1
LzEvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEUV/gMAwD
BAFS10IDBAFS10QDBAJS10gwDAMEAFLXTQMEAlLXUDAMAwQAUtdVAwQFUtdAAwQE
UtdwAwQGWZJAAwQCuU6IMA0EAgACMAcDBQMqAIhAMA0GCSqGSIb3DQEBCwUAA4IB
AQCV4aIE1/QqUPcw6BBUUUS5fhGkoC5EbAmh7Dl3TkC5uzrMSSLVeVuzukK4/m5U
oAWxJ88k4EREfoxSUdN1DJ+KZwdG1eMflELXJTOUR0owxpfjezmkzSZOTiLaU0w7
zvHt149GBzIhyYyLl3jcci/n8Nnc1QwJ7qQFR0V7GsxsDyktPotVFFok75L0jvu8
QmVFnVZgsUKVFD8VGr9kYRjLYftYJHZSxNDNkA6yswKcM0i/U8Rkoc1Td1K7w9Ft
D7Uqg+lzd79FV0MrKet8MNhSb/Mf/4a1AqMflqypvoclHFcK1T7wODP+0i534NSg
053T8qVThaRM3QXadg7JFA/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org